Saturday, July 20, 2024

Honda Data Leak – 134 Million Documents Related to Internal Network and Computers Leaked

An unsecured ElasticSearch database belongs to largets automobile manufacturer exposed online. The exposed documents include internal network and computers data of Honda Motor Company.

Security researcher Justin Paine uncovered the leaked database, the ElasticSearch database contains 134M that worth around 40GB of data. It appears the database publically available for more than a week.

The unprotected database contains sensitive information such as “hostname, MAC address, internal IP, operating system version, which patches had been applied, hostnames and the status of Honda’s endpoint security software.”

Exposed data

The databases contain dealership information and the data related to Honda’s global network of employee machines. It exposes the names of endpoint security vendor networks that protect Honda’s machines and the high-level employee’s data such as CEO, CFO, CSO, etc.

By having the unique data attackers can launch targeted attacks and can exploit the vulnerability to get access over the network and to penetrate further.

A table in name “ad_com_all” exposes the OS versions, hostnames and has over 300,000 data points, another table spotted has employee name, department, last login, employee number and account names.

Paine also identified several tables that include the employee email, department, machine IP address, MAC address, hostname, operating system, machine type, endpoint security state, printer name, internal I Pand which Windows KB/patches.

Also, the leaks include the “CEO’s full email, full name, department, MAC address, which Windows KB/patches had been applied, OS, OS version, endpoint security status, IP, and device type.”

Paine reached out to Honda’s security team on July 6th and the ElasticSearch database was secured, here is the statement from Honda.

“Thank you very much for pointing out the vulnerability. The security issue you identified could have potentially allowed outside parties to access some of Honda’s cloud-based data that consisted of information related to our employees and their computers. We investigated the system’s access logs and found no signs of data download by any third parties. At this moment, there is no evidence that data was leaked, excluding the screenshots taken by you. We will take appropriate actions by relevant laws and regulations, and will continue to work on proactive security measures to prevent similar incidents in the future.”

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity course online to keep yourself updated.


Latest articles

Hackers Claiming Dettol Data Breach: 453,646 users Impacted

A significant data breach has been reported by a threat actor known as 'Hana,'...

CrowdStrike Update Triggers Widespread Windows BSOD Crashes

A recent update from cybersecurity firm CrowdStrike has caused significant disruptions for Windows users,...

Operation Spincaster Disrupts Approval Phishing Technique that Drains Victim’s Wallets

Chainalysis has launched Operation Spincaster, an initiative to disrupt approval phishing scams that have...

Octo Tempest Know for Attacking VMWare ESXi Servers Added RansomHub & Qilin to Its Arsenal

Threat actors often attack VMware ESXi servers since they accommodate many virtual machines, which...

TAG-100 Actors Using Open-Source Tools To Attack Gov & Private Orgs

Hackers exploit open-source tools to execute attacks because they are readily available, well-documented, and...

macOS Users Beware Of Weaponized Meeting App From North Korean Hackers

Meeting apps are often targeted and turned into weapons by hackers as they are...

Hackers Exploiting Legitimate RMM Tools With BugSleep Malware

Since October 2023, MuddyWater, which is an Iranian threat group linked to MOIS, has...
Guru baran
Guru baran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Free Webinar

Low Rate DDoS Attack

9 of 10 sites on the AppTrana network have faced a DDoS attack in the last 30 days.
Some DDoS attacks could readily be blocked by rate-limiting, IP reputation checks and other basic mitigation methods.
More than 50% of the DDoS attacks are employing botnets to send slow DDoS attacks where millions of IPs are being employed to send one or two requests per minute..
Key takeaways include:

  • The mechanics of a low-DDoS attack
  • Fundamentals of behavioural AI and rate-limiting
  • Surgical mitigation actions to minimize false positives
  • Role of managed services in DDoS monitoring

Related Articles